diff options
| author | Phil Sutter <phil@nwl.cc> | 2023-01-10 22:36:58 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-11-02 11:56:18 +0100 |
| commit | b694dbdee37c623456f90f202244c6b3e48b70ab (patch) | |
| tree | 2e3d72eeb17394ee00e0249cbd2bfcefcd91042a | |
| parent | 6c27573f57f66043c86ec576422645bb2e1a7769 (diff) | |
netlink: Fix for potential NULL-pointer deref
commit 927d5674e7bf656428f97c54c9171006e8c3c75e upstream.
If memory allocation fails, calloc() returns NULL which was not checked
for. The code seems to expect zero array size though, so simply
replacing this call by one of the x*calloc() ones won't work. So guard
the call also by a check for 'len'.
Fixes: db0697ce7f602 ("src: support for flowtable listing")
Signed-off-by: Phil Sutter <phil@nwl.cc>
| -rw-r--r-- | src/netlink.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/netlink.c b/src/netlink.c index efbc6565..5130f6c4 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -1790,7 +1790,8 @@ netlink_delinearize_flowtable(struct netlink_ctx *ctx, while (dev_array[len]) len++; - flowtable->dev_array = calloc(1, len * sizeof(char *)); + if (len) + flowtable->dev_array = xmalloc(len * sizeof(char *)); for (i = 0; i < len; i++) flowtable->dev_array[i] = xstrdup(dev_array[i]); |